x-kom hosting

Sprawdzenie loga

ERF
utworzono
utworzono

Witam.. Proszę o sprawdzenie poniższego loga:

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:34:07, on 08-02-28Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\OS\System32\smss.exeC:\OS\system32\winlogon.exeC:\OS\system32\services.exeC:\OS\system32\lsass.exeC:\OS\system32\svchost.exeC:\OS\System32\svchost.exeC:\OS\system32\svchost.exeC:\OS\system32\spoolsv.exeC:\OS\Explorer.EXED:\Program Files\TortoiseSVN\bin\TSVNCache.exeC:\Program Files\Analog Devices\Core\smax4pnp.exeC:\Program Files\Analog Devices\SoundMAX\Smax4.exeC:\OS\system32\RUNDLL32.EXEC:\Program Files\F-Secure\Common\FSM32.EXEC:\OS\system32\ctfmon.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\OS\ATKKBService.exeC:\OS\system32\CTsvcCDA.exeC:\Program Files\F-Secure\Anti-Virus\fsgk32st.exeC:\Program Files\F-Secure\Common\FSMA32.EXEC:\Program Files\F-Secure\Anti-Virus\FSGK32.EXEC:\Program Files\F-Secure\Common\FSMB32.EXEC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\OS\system32\nvsvc32.exeD:\Program Files\VMware\VMware Server\vmware-authd.exeC:\Program Files\F-Secure\Common\FCH32.EXEC:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exeC:\Program Files\F-Secure\Anti-Virus\fsqh.exeC:\OS\system32\vmnat.exeC:\Program Files\F-Secure\Common\FAMEH32.EXEC:\OS\system32\vmnetdhcp.exeD:\Program Files\VMware\VMware Server\vmserverdWin32.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeC:\Program Files\F-Secure\FSAUA\program\fsaua.exeC:\Program Files\F-Secure\Anti-Virus\fssm32.exeC:\Program Files\F-Secure\FWES\Program\fsdfwd.exeC:\Program Files\F-Secure\Anti-Virus\fsav32.exeC:\Program Files\F-Secure\FSGUI\fsguidll.exeC:\Program Files\Gadu-Gadu\gg.exeC:\Program Files\Internet Explorer\iexplore.exeD:\Program Files\Trend Micro\HijackThis\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaO2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dllO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\OS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [PHIME2002ASync] C:\OS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\OS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exeO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /trayO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\OS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\OS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splashO4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSWO4 - HKCU\..\Run: [ctfmon.exe] C:\OS\system32\ctfmon.exeO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Właściciel\Menu Start\Programy\>IMVU\Run IMVU.lnk (file missing)O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\OS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\OS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {2A781DED-C22D-4153-9812-CEA98A32981C} (GameDesire Makao) - http://67.15.101.3/g_bin/pl/cardsmakao_2_0_0_27.cabO16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.3/g_bin/pl/boards_2_0_0_33.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1183465798890O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cabO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_34.cabO16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) - http://67.15.101.3/g_bin/pl/billardt_2_0_0_34.cabO16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_34.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\OS\ATKKBService.exeO23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\OS\system32\CTsvcCDA.exeO23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exeO23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exeO23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exeO23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXEO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\OS\system32\nvsvc32.exeO23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - D:\Program Files\VMware\VMware Server\vmware-authd.exeO23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\OS\system32\vmnetdhcp.exeO23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exeO23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - D:\Program Files\VMware\VMware Server\vmserverdWin32.exeO23 - Service: VMware NAT Service - VMware, Inc. - C:\OS\system32\vmnat.exeO23 - Service: wampapache - Apache Software Foundation - D:\Program Files\wamp\bin\apache\apache2.2.6\bin\httpd.exeO23 - Service: wampmysqld - Unknown owner - D:\Program Files\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe--End of file - 7934 bytes

nitro07
komentarz
komentarz

Log wygląda na czysty, dzieje się coś z komputerem ?

ERF
komentarz
komentarz

Nie. Ale jak już pisałem Wkurza mnie to, że tyle pamięci pobiera -,-

nitro07
komentarz
komentarz

jeśli masz zajęte dużo pamięci RAM to sprawdź które aplikacje są najbardziej pamięciożerne ctrl+alt+delete - zakładka procesy - użycie pamięci

ERF
komentarz
komentarz

AntyVirus, ale przecież go nie wyłącze oraz winlogon.exe - co to :D ? aha i svhost.exe

GoBi
komentarz
komentarz

Kasuj wpisy

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Właściciel\Menu Start\Programy\>IMVU\Run IMVU.lnk (file missing)

O16 - DPF: {2A781DED-C22D-4153-9812-CEA98A32981C} (GameDesire Makao) - http://67.15.101.3/g_bin/pl/cardsmakao_2_0_0_27.cab

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) - http://67.15.101.3/g_bin/pl/billardt_2_0_0_34.cab

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.